diff options
author | Denis Kasanic <d.kasanic@partner.samsung.com> | 2019-12-04 13:40:07 +0100 |
---|---|---|
committer | Denis Kasanic <d.kasanic@partner.samsung.com> | 2019-12-18 10:24:58 +0000 |
commit | fd2a5066ec0a3f13fb52b6d0bb2fb84e52dc31a8 (patch) | |
tree | d5332ab5e04cf097221b47541a4d99427a0feeb9 /patches | |
parent | 610ddff2d54cece28af56cc7bbf01ed524ecce9c (diff) |
Add robot config at onap install
Change onap network cidr to /16 due to robot hardcoded config.
Adding onap network id to configuration at installation part.
Adding optional connection to demo usecases network at deploy step
Update patch scripts for specify network and kubernetes namespace
Enable config_drive parameter at openstack instances deploying to get openstack metadata
Issue-ID: OOM-1996
Signed-off-by: Denis Kasanic <d.kasanic@partner.samsung.com>
Change-Id: I4403e8ca0f385060ac815372ffd91eda60026ddb
Diffstat (limited to 'patches')
-rw-r--r-- | patches/base_vfw.yaml | 506 | ||||
-rwxr-xr-x | patches/update_policy.sh | 26 | ||||
-rwxr-xr-x | patches/update_robot.sh | 12 |
3 files changed, 22 insertions, 522 deletions
diff --git a/patches/base_vfw.yaml b/patches/base_vfw.yaml deleted file mode 100644 index fb4a0174..00000000 --- a/patches/base_vfw.yaml +++ /dev/null @@ -1,506 +0,0 @@ -########################################################################## -# -#==================LICENSE_START========================================== -# -# -# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -#==================LICENSE_END============================================ -# -# ECOMP is a trademark and service mark of AT&T Intellectual Property. -# -########################################################################## - -heat_template_version: 2013-05-23 - -description: Heat template that deploys vFirewall demo app for ONAP - -############## -# # -# PARAMETERS # -# # -############## - -parameters: - vfw_image_name: - type: string - label: Image name or ID - description: Image to be used for compute instance - vfw_flavor_name: - type: string - label: Flavor - description: Type of instance (flavor) to be used - vpg_image_name: - type: string - label: Image name or ID - description: Image to be used for compute instance - vpg_flavor_name: - type: string - label: Flavor - description: Type of instance (flavor) to be used - vsn_image_name: - type: string - label: Image name or ID - description: Image to be used for compute instance - vsn_flavor_name: - type: string - label: Flavor - description: Type of instance (flavor) to be used - public_net_id: - type: string - label: Public network name or ID - description: Public network that enables remote connection to VNF - unprotected_private_net_id: - type: string - label: Unprotected private network name or ID - description: Private network that connects vPacketGenerator with vFirewall - protected_private_net_id: - type: string - label: Protected private network name or ID - description: Private network that connects vFirewall with vSink - onap_private_net_id: - type: string - label: ONAP management network name or ID - description: Private network that connects ONAP components and the VNF - onap_private_subnet_id: - type: string - label: ONAP management sub-network name or ID - description: Private sub-network that connects ONAP components and the VNF - unprotected_private_net_cidr: - type: string - label: Unprotected private network CIDR - description: The CIDR of the unprotected private network - protected_private_net_cidr: - type: string - label: Protected private network CIDR - description: The CIDR of the protected private network - onap_private_net_cidr: - type: string - label: ONAP private network CIDR - description: The CIDR of the protected private network - vfw_int_unprotected_private_ip_0: - type: string - label: vFirewall private IP address towards the unprotected network - description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator - vfw_int_protected_private_ip_0: - type: string - label: vFirewall private IP address towards the protected network - description: Private IP address that is assigned to the vFirewall to communicate with the vSink - vfw_onap_private_ip_0: - type: string - label: vFirewall private IP address towards the ONAP management network - description: Private IP address that is assigned to the vFirewall to communicate with ONAP components - vfw_int_protected_private_floating_ip: - type: string - label: same value as vpg_int_unprotected_private_ip_0 - description: IP to inform OpenStack to enable vfw protected private port to allow packets coming from the packet generator - vpg_int_unprotected_private_ip_0: - type: string - label: vPacketGenerator private IP address towards the unprotected network - description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall - vpg_onap_private_ip_0: - type: string - label: vPacketGenerator private IP address towards the ONAP management network - description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components - vsn_int_protected_private_ip_0: - type: string - label: vSink private IP address towards the protected network - description: Private IP address that is assigned to the vSink to communicate with the vFirewall - vsn_onap_private_ip_0: - type: string - label: vSink private IP address towards the ONAP management network - description: Private IP address that is assigned to the vSink to communicate with ONAP components - vfw_name_0: - type: string - label: vFirewall name - description: Name of the vFirewall - vpg_name_0: - type: string - label: vPacketGenerator name - description: Name of the vPacketGenerator - vsn_name_0: - type: string - label: vSink name - description: Name of the vSink - vnf_id: - type: string - label: VNF ID - description: The VNF ID is provided by ONAP - vnf_name: - type: string - label: VNF NAME - description: The VNF NAME is provided by ONAP - vf_module_id: - type: string - label: vFirewall module ID - description: The vFirewall Module ID is provided by ONAP - dcae_collector_ip: - type: string - label: DCAE collector IP address - description: IP address of the DCAE collector - dcae_collector_port: - type: string - label: DCAE collector port - description: Port of the DCAE collector - key_name: - type: string - label: Key pair name - description: Public/Private key pair name - pub_key: - type: string - label: Public key - description: Public key to be installed on the compute instance - install_script_version: - type: string - label: Installation script version number - description: Version number of the scripts that install the vFW demo app - demo_artifacts_version: - type: string - label: Artifacts version used in demo vnfs - description: Artifacts (jar, tar.gz) version used in demo vnfs - nexus_artifact_repo: - type: string - description: Root URL for the Nexus repository for Maven artifacts. - cloud_env: - type: string - label: Cloud environment - description: Cloud environment (e.g., openstack, rackspace) - sec_group: - type: string - description: ONAP Security Group - -############# -# # -# RESOURCES # -# # -############# - -resources: - random-str: - type: OS::Heat::RandomString - properties: - length: 4 - - my_keypair: - type: OS::Nova::KeyPair - properties: - name: - str_replace: - template: vnfname_base_rand - params: - base: { get_param: key_name } - rand: { get_resource: random-str } - vnfname: { get_param: vnf_name } - public_key: { get_param: pub_key } - save_private_key: false - - # NETWORK_ROLE: unprotected_private - # NETWORK_TYPE: internal - int_unprotected_private_network: - type: OS::Neutron::Net - properties: - name: - str_replace: - template: vnfname_netid - params: - netid: { get_param: unprotected_private_net_id } - vnfname: { get_param: vnf_name } - - # NETWORK_ROLE: protected_private - # NETWORK_TYPE: internal - int_protected_private_network: - type: OS::Neutron::Net - properties: - name: - str_replace: - template: vnfname_netid - params: - netid: { get_param: protected_private_net_id } - vnfname: { get_param: vnf_name } - - # NETWORK_ROLE: unprotected_private - # NETWORK_TYPE: internal - int_unprotected_private_subnet: - type: OS::Neutron::Subnet - properties: - network: { get_resource: int_unprotected_private_network } - cidr: { get_param: unprotected_private_net_cidr } - - # NETWORK_ROLE: protected_private - # NETWORK_TYPE: internal - int_protected_private_subnet: - type: OS::Neutron::Subnet - properties: - network: { get_resource: int_protected_private_network } - cidr: { get_param: protected_private_net_cidr } - - ### Virtual Firewall instantiation ### - - # VM_TYPE: vfw - # NETWORK_ROLE: protected_private - # NETWORK_TYPE: internal - vfw_0_int_unprotected_private_port_0: - type: OS::Neutron::Port - properties: - network: { get_resource: int_unprotected_private_network } - fixed_ips: [{"subnet": { get_resource: int_unprotected_private_subnet }, "ip_address": { get_param: vfw_int_unprotected_private_ip_0 }}] - security_groups: - - { get_param: sec_group } - - # VM_TYPE: vfw - # NETWORK_ROLE: protected_private - # NETWORK_TYPE: internal - vfw_0_int_protected_private_port_0: - type: OS::Neutron::Port - properties: - allowed_address_pairs: [{ "ip_address": { get_param: vfw_int_protected_private_floating_ip }}] - network: { get_resource: int_protected_private_network } - fixed_ips: [{"subnet": { get_resource: int_protected_private_subnet }, "ip_address": { get_param: vfw_int_protected_private_ip_0 }}] - security_groups: - - { get_param: sec_group } - - # VM_TYPE: vfw - # NETWORK_ROLE: onap_private - # NETWORK_TYPE: external - vfw_0_onap_private_port_0: - type: OS::Neutron::Port - properties: - network: { get_param: onap_private_net_id } - fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_onap_private_ip_0 }}] - security_groups: - - { get_param: sec_group } - - # VM_TYPE: vfw - vfw_server_0: - type: OS::Nova::Server - properties: - image: { get_param: vfw_image_name } - flavor: { get_param: vfw_flavor_name } - name: { get_param: vfw_name_0 } - key_name: { get_resource: my_keypair } - networks: - - network: { get_param: public_net_id } - - port: { get_resource: vfw_0_int_unprotected_private_port_0 } - - port: { get_resource: vfw_0_int_protected_private_port_0 } - - port: { get_resource: vfw_0_onap_private_port_0 } - metadata: - vnf_id: { get_param: vnf_id } - vf_module_id: { get_param: vf_module_id } - vnf_name: { get_param: vnf_name } - user_data_format: RAW - user_data: - str_replace: - params: - __dcae_collector_ip__ : { get_param: dcae_collector_ip } - __dcae_collector_port__ : { get_param: dcae_collector_port } - __demo_artifacts_version__ : { get_param: demo_artifacts_version } - __install_script_version__ : { get_param: install_script_version } - __vfw_private_ip_0__ : { get_param: vfw_int_unprotected_private_ip_0 } - __vfw_private_ip_1__ : { get_param: vfw_int_protected_private_ip_0 } - __vfw_private_ip_2__ : { get_param: vfw_onap_private_ip_0 } - __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } - __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } - __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } - __cloud_env__ : { get_param: cloud_env } - __nexus_artifact_repo__: { get_param: nexus_artifact_repo } - template: | - #!/bin/bash - - # nasty hack to bypass cloud-init issues - sed -i '1i nameserver 8.8.8.8' /etc/resolv.conf - iface_correct=`ip a | grep 10.8.8 | awk {'print $7'}` - route add default gw 10.8.8.1 ${iface_correct} - - # Create configuration files - mkdir /opt/config - echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt - echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt - echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt - echo "__install_script_version__" > /opt/config/install_script_version.txt - echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt - echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt - echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt - echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt - echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt - echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt - echo "__cloud_env__" > /opt/config/cloud_env.txt - echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt - - # Download and run install script - apt-get update - apt-get -y install unzip - if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi - curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip - unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh - cd /opt - chmod +x v_firewall_install.sh - ./v_firewall_install.sh - - - ### Virtual Packet Generator instantiation ### - - vpg_0_int_unprotected_private_port_0: - type: OS::Neutron::Port - properties: - network: { get_resource: int_unprotected_private_network } - fixed_ips: [{"subnet": { get_resource: int_unprotected_private_subnet }, "ip_address": { get_param: vpg_int_unprotected_private_ip_0 }}] - security_groups: - - { get_param: sec_group } - - vpg_0_onap_private_port_0: - type: OS::Neutron::Port - properties: - network: { get_param: onap_private_net_id } - fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_onap_private_ip_0 }}] - security_groups: - - { get_param: sec_group } - - vpg_server_0: - type: OS::Nova::Server - properties: - image: { get_param: vpg_image_name } - flavor: { get_param: vpg_flavor_name } - name: { get_param: vpg_name_0 } - key_name: { get_resource: my_keypair } - networks: - - network: { get_param: public_net_id } - - port: { get_resource: vpg_0_int_unprotected_private_port_0 } - - port: { get_resource: vpg_0_onap_private_port_0 } - metadata: - vnf_id: { get_param: vnf_id } - vf_module_id: { get_param: vf_module_id } - vnf_name: { get_param: vnf_name } - user_data_format: RAW - user_data: - str_replace: - params: - __fw_ipaddr__: { get_param: vfw_int_unprotected_private_ip_0 } - __protected_net_cidr__: { get_param: protected_private_net_cidr } - __sink_ipaddr__: { get_param: vsn_int_protected_private_ip_0 } - __demo_artifacts_version__ : { get_param: demo_artifacts_version } - __install_script_version__ : { get_param: install_script_version } - __vpg_private_ip_0__ : { get_param: vpg_int_unprotected_private_ip_0 } - __vpg_private_ip_1__ : { get_param: vpg_onap_private_ip_0 } - __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } - __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } - __cloud_env__ : { get_param: cloud_env } - __nexus_artifact_repo__: { get_param: nexus_artifact_repo } - template: | - #!/bin/bash - - # nasty hack to bypass cloud-init issues - sed -i '1i nameserver 8.8.8.8' /etc/resolv.conf - iface_correct=`ip a | grep 10.8.8 | awk {'print $7'}` - route add default gw 10.8.8.1 ${iface_correct} - - # Create configuration files - mkdir /opt/config - echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt - echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt - echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt - echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt - echo "__install_script_version__" > /opt/config/install_script_version.txt - echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt - echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt - echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt - echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt - echo "__cloud_env__" > /opt/config/cloud_env.txt - echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt - - # Download and run install script - apt-get update - apt-get -y install unzip - if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi - curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip - unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh - cd /opt - chmod +x v_packetgen_install.sh - ./v_packetgen_install.sh - - - ### Virtual Sink instantiation ### - - vsn_0_int_protected_private_port_0: - type: OS::Neutron::Port - properties: - network: { get_resource: int_protected_private_network } - fixed_ips: [{"subnet": { get_resource: int_protected_private_subnet }, "ip_address": { get_param: vsn_int_protected_private_ip_0 }}] - security_groups: - - { get_param: sec_group } - - vsn_0_onap_private_port_0: - type: OS::Neutron::Port - properties: - network: { get_param: onap_private_net_id } - fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_onap_private_ip_0 }}] - security_groups: - - { get_param: sec_group } - - vsn_server_0: - type: OS::Nova::Server - properties: - image: { get_param: vsn_image_name } - flavor: { get_param: vsn_flavor_name } - name: { get_param: vsn_name_0 } - key_name: { get_resource: my_keypair } - networks: - - network: { get_param: public_net_id } - - port: { get_resource: vsn_0_int_protected_private_port_0 } - - port: { get_resource: vsn_0_onap_private_port_0 } - metadata: - vnf_id: { get_param: vnf_id } - vf_module_id: { get_param: vf_module_id } - vnf_name: { get_param: vnf_name } - user_data_format: RAW - user_data: - str_replace: - params: - __protected_net_gw__: { get_param: vfw_int_protected_private_ip_0 } - __unprotected_net__: { get_param: unprotected_private_net_cidr } - __install_script_version__ : { get_param: install_script_version } - __vsn_private_ip_0__ : { get_param: vsn_int_protected_private_ip_0 } - __vsn_private_ip_1__ : { get_param: vsn_onap_private_ip_0 } - __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } - __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } - __cloud_env__ : { get_param: cloud_env } - __nexus_artifact_repo__: { get_param: nexus_artifact_repo } - template: | - #!/bin/bash - - # nasty hack to bypass cloud-init issues - sed -i '1i nameserver 8.8.8.8' /etc/resolv.conf - iface_correct=`ip a | grep 10.8.8 | awk {'print $7'}` - route add default gw 10.8.8.1 ${iface_correct} - - # Create configuration files - mkdir /opt/config - echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt - echo "__unprotected_net__" > /opt/config/unprotected_net.txt - echo "__install_script_version__" > /opt/config/install_script_version.txt - echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt - echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt - echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt - echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt - echo "__cloud_env__" > /opt/config/cloud_env.txt - echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt - - # Download and run install script - apt-get update - apt-get -y install unzip - if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi - curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip - unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh - cd /opt - chmod +x v_sink_install.sh - ./v_sink_install.sh diff --git a/patches/update_policy.sh b/patches/update_policy.sh index cc0ab17a..15a5f883 100755 --- a/patches/update_policy.sh +++ b/patches/update_policy.sh @@ -1,20 +1,20 @@ #!/usr/bin/env bash set -xe - -DROOLS_POD=`kubectl get pods | grep drools | awk {'print $1'}` +NAMESPACE=$1 +DROOLS_POD=`kubectl -n ${NAMESPACE} get pods | grep drools | awk {'print $1'}` DST_BASE="/home/policy/.m2/repository/org/onap" # WA to clean wrong _remote.repositories # this/original version of files will prevent maven to find missing dependencies # its not an issue in online lab and those files are updated when poms are collected from internet -kubectl exec -it ${DROOLS_POD} -n onap -- bash -c "rm -f $DST_BASE/policy/drools-applications/controlloop/common/common/1.5.3/_remote.repositories" -kubectl exec -it ${DROOLS_POD} -n onap -- bash -c "rm -f $DST_BASE/policy/drools-applications/controlloop/common/controller-usecases/1.5.3/_remote.repositories" -kubectl exec -it ${DROOLS_POD} -n onap -- bash -c "rm -f $DST_BASE/policy/drools-applications/controlloop/common/database/1.5.3/_remote.repositories" -kubectl exec -it ${DROOLS_POD} -n onap -- bash -c "rm -f $DST_BASE/policy/drools-applications/controlloop/common/eventmanager/1.5.3/_remote.repositories" -kubectl exec -it ${DROOLS_POD} -n onap -- bash -c "rm -f $DST_BASE/policy/drools-applications/controlloop/common/guard/1.5.3/_remote.repositories" -kubectl exec -it ${DROOLS_POD} -n onap -- bash -c "rm -f $DST_BASE/policy/drools-applications/controlloop/controlloop/1.5.3/_remote.repositories" -kubectl exec -it ${DROOLS_POD} -n onap -- bash -c "rm -f $DST_BASE/policy/drools-applications/drools-applications/1.5.3/_remote.repositories" +kubectl -n ${NAMESPACE} exec -it ${DROOLS_POD} -- bash -c "rm -f $DST_BASE/policy/drools-applications/controlloop/common/common/1.5.3/_remote.repositories" +kubectl -n ${NAMESPACE} exec -it ${DROOLS_POD} -- bash -c "rm -f $DST_BASE/policy/drools-applications/controlloop/common/controller-usecases/1.5.3/_remote.repositories" +kubectl -n ${NAMESPACE} exec -it ${DROOLS_POD} -- bash -c "rm -f $DST_BASE/policy/drools-applications/controlloop/common/database/1.5.3/_remote.repositories" +kubectl -n ${NAMESPACE} exec -it ${DROOLS_POD} -- bash -c "rm -f $DST_BASE/policy/drools-applications/controlloop/common/eventmanager/1.5.3/_remote.repositories" +kubectl -n ${NAMESPACE} exec -it ${DROOLS_POD} -- bash -c "rm -f $DST_BASE/policy/drools-applications/controlloop/common/guard/1.5.3/_remote.repositories" +kubectl -n ${NAMESPACE} exec -it ${DROOLS_POD} -- bash -c "rm -f $DST_BASE/policy/drools-applications/controlloop/controlloop/1.5.3/_remote.repositories" +kubectl -n ${NAMESPACE} exec -it ${DROOLS_POD} -- bash -c "rm -f $DST_BASE/policy/drools-applications/drools-applications/1.5.3/_remote.repositories" # this part is for patching POLICY-2191 @@ -22,9 +22,9 @@ patch_pom() { pom_name=$1 dst_path=$2 - kubectl exec -it ${DROOLS_POD} -n onap -- bash -c "rm -f ${dst_path}/_remote.repositories;mkdir -p ${dst_path}" - kubectl cp ./POLICY-2191/${pom_name} ${DROOLS_POD}:${dst_path}/${pom_name} - kubectl cp ./POLICY-2191/${pom_name}.sha1 ${DROOLS_POD}:${dst_path}/${pom_name}.sha1 + kubectl -n ${NAMESPACE} exec -it ${DROOLS_POD} -- bash -c "rm -f ${dst_path}/_remote.repositories;mkdir -p ${dst_path}" + kubectl -n ${NAMESPACE} cp ./POLICY-2191/${pom_name} ${DROOLS_POD}:${dst_path}/${pom_name} + kubectl -n ${NAMESPACE} cp ./POLICY-2191/${pom_name}.sha1 ${DROOLS_POD}:${dst_path}/${pom_name}.sha1 } # patch 48 files in drools @@ -54,4 +54,4 @@ patch_pom policy-models-pdp-2.1.3.pom ${DST_BASE}/policy/models/policy-models-pd patch_pom policy-models-tosca-2.1.3.pom ${DST_BASE}/policy/models/policy-models-tosca/2.1.3/ # restart policy -kubectl exec -it ${DROOLS_POD} -n onap -- bash -c '/opt/app/policy/bin/policy stop;/opt/app/policy/bin/policy start' +kubectl -n ${NAMESPACE} exec -it ${DROOLS_POD} -- bash -c '/opt/app/policy/bin/policy stop;/opt/app/policy/bin/policy start' diff --git a/patches/update_robot.sh b/patches/update_robot.sh index 80c96113..8609685d 100755 --- a/patches/update_robot.sh +++ b/patches/update_robot.sh @@ -2,11 +2,13 @@ set -xe -ROBOT_POD=`kubectl get pods | grep robot | awk {'print $1'}` +NAMESPACE=$1 +NETPREFIX=$2 +ROBOT_POD=`kubectl ${NAMESPACE} get pods | grep robot | awk {'print $1'}` ROBOT_HOME="/var/opt/ONAP" # distribute example private key onap-dev -kubectl cp onap-dev.pem ${ROBOT_POD}:${ROBOT_HOME}/onap-dev.pem +kubectl cp -n ${NAMESPACE} onap-dev.pem ${ROBOT_POD}:${ROBOT_HOME}/onap-dev.pem # stability improvement for SRPOL lab # there is an issue that cloudinit is randomly putting default route @@ -14,4 +16,8 @@ kubectl cp onap-dev.pem ${ROBOT_POD}:${ROBOT_HOME}/onap-dev.pem # this patch assume that we are using rc3-offline-network as public network for vFW VMs # vFW VMs are installing SW in runtime, similarly as other ONAP demo usecases # please note that such network must be reachable from robot pod -kubectl cp base_vfw.yaml ${ROBOT_POD}:${ROBOT_HOME}/demo/heat/vFW/base_vfw.yaml +HACK="\n # nasty hack to bypass cloud-init issues\n sed -i '1i nameserver 8.8.8.8' /etc/resolv.conf\n iface_correct=\`ip a | grep ${NETPREFIX} | awk {'print \$7'}\`\n route add default gw ${NETPREFIX}.1 \${iface_correct}" + +kubectl cp -n ${NAMESPACE} ${ROBOT_POD}:${ROBOT_HOME}/demo/heat/vFW/base_vfw.yaml base_vfw.yaml +sed -i -e "/#!\/bin\/bash/a\ ${HACK}" base_vfw.yaml +kubectl cp -n ${NAMESPACE} base_vfw.yaml ${ROBOT_POD}:${ROBOT_HOME}/demo/heat/vFW/base_vfw.yaml |